Assessing Canada’s Integrated National Security Enforcement Teams: Can the Concept of INSETs Be Exported?

By: Michael Tierney , University of Waterloo

After the 11 September 2001 attacks in the United States, several countries adjusted their counterterrorism and national security policies to better protect themselves against terrorist threats. The Canadian government took a proactive approach to counterterrorism by studying the United States' 9/11 Commission report, which found that barriers to communication and cooperation between various security and intelligence agencies had made it easier for al Qaeda to conduct an attack on US soil.1 The assessment led to Canada's first official national security policy, which set expectations for law enforcement and intelligence agencies to work together more closely to share information, conduct investigations, and prevent terrorism, both within Canada's borders and abroad.2

In addition to encouraging security agencies to collaborate more closely than they had done prior to 9/11, the Government of Canada also set out specific provisions for countering terrorism. In particular, in 2002, the Royal Canadian Mounted Police (RCMP) was given the primary responsibility for counterterrorism in Canada's post-9/11 security environment and was instructed to set up Integrated National Security Enforcement Teams (INSETs) in various strategic sites across Canada. These new teams included Canadian Security Intelligence Service (CSIS) agents, Canadian Border Services Agency members, local law enforcement personnel, and other security-related officials. The INSETs allowed the RCMP to engage in intelligence-led policing by making it possible for all participants to provide information about threats to Canada to RCMP counterterrorism officers on an ongoing basis.3

The approach was not unlike those taken by the United States and the United Kingdom after 2001. The US government set up counterterrorism "Fusion Centers" following 9/11 to integrate law enforcement and intelligence services, while the United Kingdom created "Integrated Security Units" to operate in a similar fashion.4 In Canada, however, the situation was somewhat unique because the RCMP and the CSIS, arguably the two biggest INSETs partners, had shared a tumultuous history since the creation of CSIS in 1984. The CSIS was created from the RCMP's Security Service, which was responsible for intelligence and national security investigations in Canada prior to 1984. RCMP officers were moved to the new intelligence service amid disagreements about whether national security investigations should be conducted by law enforcement or a civilian agency, prompting resentment among former colleagues. An agency turf war resulted, and the inability of the two services to work together left Canada more vulnerable to terrorist attacks.5 These negative consequences came to light with the bombing of Air India flight 182 on 23 June 1985 by the Sikh terrorist group Babbar Khalsa.6 A subsequent inquiry into the bombing led to assertions that a better working relationship between the RCMP and the CSIS could have prevented the attack.7 Therefore, with the creation of the INSETs, the two Canadian services most responsible for combating terrorism had to overcome their past conflicts and find a way to work together very closely, as well as alongside new partners such as local law enforcement agencies.

The purpose of this article is to assess the integrated security model in Canada, and to determine whether this approach can be applied in other jurisdictions and how to implement it. There are several issues that have facilitated or prevented close collaboration between Canadian security agencies, and can provide useful insights for successful security integration in Canada and across the globe.

Canada's Counterterrorism Efforts since 9/11

Canada made significant changes to the structure and operations of its security and intelligence community soon after 9/11 with passage of the Anti-Terrorism Act and the development of a formal national security policy, both of which were later augmented by an official counterterrorism strategy. Under the Liberal government of the day, an initial $7.8 billion was earmarked over five years for national security (all dollar amounts in this article are in Canadian dollars).8 In the eight years following 9/11, the government allocated $1.6 billion for intelligence and policing and gave nearly $600 million to the RCMP for counterterrorism efforts.9 With these budget increases, the RCMP set up INSETs in four major cities across Canada: Toronto, Montreal, Vancouver, and Ottawa. These units were responsible for national security investigations in Ontario, Quebec, British Columbia, and the national capital region, respectively.10 Members of Canada's various security institutions were required to work together on issues of counterterrorism within these INSET offices and to share information more widely than they had prior to 9/11.11 These agencies were also housed under a new federal department, Public Safety Canada, which had assumed the role of its predecessor, the Office of the Solicitor General.12 Unlike the post-9/11 changes to the United States' national security policies, however, these organizational and policy changes to the relationship between intelligence and law enforcement did not lead to a massive increase in the size of Canada's security bureaucracies.13 As security analyst Kostas Rimsa notes, the Government of Canada "reorganized existing resources, only hiring a very few new staff at the lowest levels."14

Still, Canada's security institutions had been revitalized following the budget balancing and spending cuts of the 1990s. While the responsibilities of agencies such as the CSIS remained relatively the same, the RCMP was given new powers to combat terrorism, including preventive arrest and an increased role in intelligence gathering.15 As a result, the gap between intelligence and policing, which was seen as a major obstacle to preventing the 9/11 terrorist attacks in the United States, was greatly diminished. Police officers gained access to security intelligence information that had typically been used only for discovering security threats.16

INSETs are based on the premise of intelligence-led policing, in which police use intelligence to make arrests before an incident occurs.17 The RCMP is the lead agency in Canada's integrated security units, while several other agencies provide information to the Mounties as necessary.18 Conversely, the RCMP can provide INSET partners with operational support as needed.19 The close collaboration between various organizations with distinct responsibilities creates a delicate balance between intelligence and policing in Canada. In deference to the tumultuous past relations between these services, the federal government instituted a joint management team at the outset to increase cooperation and decrease interagency conflict.20 In 2004, two years after the implementation of INSETs, 285 members of the RCMP were engaged in the four INSET units located across the country.21 Since that time, the Government of Canada has set up one more security unit in the province of Alberta, with 32 officers.22 It is unclear exactly how many officers from the RCMP or agents from other services are currently engaged in INSETs, but the new partnership between the various national security agencies represents a fairly distinct shift in counterterrorism efforts in Canada when compared to pre-9/11 arrangements.

More recently, Bill C-51 was enacted in June 2015 to further support the integration of law enforcement and intelligence agencies in Canada. The legislation gives police increased powers of preventive arrest and intelligence agencies the ability to play a more proactive role in the disruption of terrorist activities.23 For instance, police officers can now make an arrest if they believe someone may conduct a terrorist act. Prior to C-51, officers could make arrests only if an individual clearly intended to commit a terrorist act.24 While the Criminal Code's wording was only slightly changed, police officers have greater responsibility to decide whether a suspect is involved in terrorism, while the threshold for making an arrest has decreased. Furthermore, there are a greater number of departments and agencies now involved in information-sharing, which had previously been limited to specific services such as the RCMP or the CSIS.25

These new measures have certainly not been without controversy. Citizens have raised concerns about privacy rights, individual freedoms, and oversight for the intelligence services, all of which may be impinged upon by new "disruptive" capabilities.26 It is worth noting that Canadian courts have historically set the burden of proof quite high for such cases, and law enforcement officials have been hesitant to use the power of preventive arrest in the past.27 Since C-51 was enacted, police officers have also turned increasingly towards the use of "peace bonds," which restrict an individual's movements and activities without placing them under arrest. To obtain a peace bond, police must present evidence before a judge that a suspect is liable to commit a terrorism offense.28 Therefore, meeting a legal burden of proof is still the norm, even if the threshold for preventive arrest has been lowered. Finally, the recently-elected Liberal government has promised more oversight for the security services with their enhanced capabilities. In this manner, the government has paid recent attention to ensuring that the new "disruptive" measures are not unduly impacting civil rights.29 Nonetheless, Canada's federal government also announced, in April 2015, that it was going to increase security spending by about $293 million over five years.30 According to the announcement, the budget increases are meant to aid INSET partners as they work to protect national security.31

Case Studies

Two specific cases involving INSETs, discussed below, demonstrate whether and how the institutions have been successful in countering terrorism since 2001.

The Arar Affair

Soon after the implementation of INSETs, Canadian security agencies began working closely together, sharing information that would help them successfully combat terrorism both at home and abroad. However, they quickly discovered the inherent risks of an integrated security approach. In 2002, an engineer with dual Syrian-Canadian citizenship named Maher Arar was stopped by US officials at John F. Kennedy International Airport in New York City. Using information passed along by the RCMP, Federal Bureau of Investigation (FBI) officers detained Arar for questioning about his alleged connections to al Qaeda and his involvement in terrorism-related activities.32 It is worth noting that the RCMP officials responsible for passing the intelligence on Arar to the FBI had originally been given the information by CSIS agents, who are a main partner in the INSET arrangement.33 Despite there being no evidence that Arar was knowingly associated with al Qaeda in any way, RCMP officials treated information that he was involved in terrorism-related activities as fact because of his acquaintance with individuals such as Abdullah Almalki, who was associated with the Ahmed Khadr family, some of whose members were linked to Osama bin Laden.34

In this case, concerns about the intelligence-sharing process centered on the fact that security intelligence had been passed along to the RCMP, which, in essence, used the information as evidence to designate Arar as a terrorist without empirical corroboration. Arar was subsequently deported to Syria, where he was imprisoned and tortured for over a year until the Syrian government gave up its efforts to find a link between him and any terrorist organization.35 He was finally released to Canadian consular authorities in October 2003. Instead of presenting the intelligence information from the CSIS as evidence of guilt, it would have been feasible for Canadian authorities to designate Arar as a person of interest due to his apparent relationships with jihadists and keep him under surveillance. Instead, his case made clear that the integrated security approach had flaws that needed to be remedied.

In the ensuing official inquiry into Arar's case, Justice Dennis O'Connor found that there was no reason to suggest that Maher Arar was involved in terrorist activities and also that the RCMP had supplied US authorities with inaccurate information that was probably the deciding factor in the deportation of Arar.36 In his final report and recommendations on the case, O'Connor's main concerns had to do with role definitions, accountability, and external review, along with training and communications within and among the security services.37 Intelligence should be used to "see patterns and understand the general picture about a specific group or activity."38 This is why the job of the CSIS is to collect and analyze information and report to the government: intelligence collection is not the same as acquiring evidence to make arrests or lay charges.39 Justice O'Connor's report stressed that INSET partners should stay within their mandates, communicate effectively, and respect each other's areas of responsibility when working together.40

The Arar case and O'Connor's report shifted the INSET arrangement into a new era, with new rules in place to prevent misuse or abuses from recurring. The RCMP and the CSIS signed a renewed memorandum of understanding in 2006 that delineated each agency's role when conducting counterterrorism investigations and during other joint initiatives.41 The Canadian Association of Chiefs of Police also adopted a Common Framework for National Security, which outlined the distinct roles of police forces like the RCMP and security agencies like the CSIS in national security operations.42 Finally, the RCMP began to configure its National Security Criminal Investigation Program's Tactical Priorities using the CSIS's National Strategic Priorities to better respect the intelligence service's role in Canadian security.43 This new level of coordination and cooperation was reflected in the Toronto18 terrorist case, described below.

The Toronto 18

In 2006, 18 men from Ontario planned to bomb the Toronto Stock Exchange, the CSIS's Toronto offices, and a military base along Highway 401, a major roadway in Ontario.44 Before the attacks could occur, however, two members of the group that came to be known as the "Toronto18" notified CSIS agents about the plot. Mubin Shaikh and Shaher Elsohemy had infiltrated the cell on behalf of the Canadian spy agency and trained at the group's camp near Orillia, Ontario.45 After concluding that the cell was in fact involved in criminal terrorist activity, the CSIS passed the two informants along to the RCMP, which ran a separate investigation.46

Mubin Shaikh

A man by the name of Zakaria Amara was one of the leaders of the Toronto18 terrorist cell. After the CSIS passed its information to the RCMP, officers entered his apartment on a legal warrant, where they found evidence including detonators, instructions about how to mix deadly chemicals, and videos on bomb activation.47CSIS agents had previously entered Amara's apartment in a covert operation and were able to lead the police in their search.48 The Mounties were also able to use wiretaps and electronic surveillance to record Toronto18 members discussing potential attacks on Canadian soil and their motives for executing such attacks.49 In the end, the attacks were prevented, members of the group were charged under the Anti-Terrorism Act, and several conspirators received prison sentences through the criminal justice system.50

More than 200RCMP officers conducted surveillance on the targets in conjunction with their INSET partners.51 While the CSIS's findings would be inadmissible in court because they dealt with sensitive national security issues, the RCMP collected evidence that would ensure that members of the Canadian terrorist cell would be brought to justice.52 Project Osage, the code name given to the joint surveillance operation, can be considered one of the most successful outcomes of the integrated security model to date.

Taking the INSET Model into the Future

The Canadian integrated security approach has resulted in both positive and negative outcomes since its inception in 2001. As the CSIS has noted, the Toronto18 case proved that police and intelligence agencies can work together to "achieve a common goal while not diluting or overstepping their respective legislative mandates."53 The "separate but parallel" investigation system developed within the INSET model and successfully implemented during the Toronto18 case is a key factor in sustaining the integrated security approach. Agencies responsible for national security in Canada have been able to maintain separate investigations while occasionally sharing information, which has allowed them to work together more seamlessly to fulfill their mutual goals and preserve their independent mandates.54 After the Toronto18 investigation, the CSIS planned to continue improving its relationship with the RCMP.55 In one of its latest public reports, the CSIS stated that it has continued to work toward this objective by developing a series of protocols for information sharing with the RCMP.56 The two services have also sought guidance from the Department of Justice and the Public Prosecution Service to interpret a growing body of jurisprudence on joint operations, which will help them further ensure that they can safeguard national security while respecting legal boundaries.57 More recent investigations conducted by INSETs, such as the Via Rail plot to attack a passenger train in 2013, seem to indicate that the agencies have remained committed to the goal of observing their respective mandates while conducting joint investigations to achieve successful outcomes.58

In response to the O'Connor inquiry, Canadian INSET partners implemented new policies and procedures to decrease the chances of another negative outcome, while strengthening their ability to protect Canadian security. To investigate the Toronto18 case, agencies such as the RCMP, the CSIS, and local law enforcement were able to draw on well-trained personnel who shared information and pooled resources in a precise, effective, and responsible manner. The agencies markedly improved their communications with each other, fully respected their partners' roles, and worked together toachieve common objectives during the investigation. These measures allowed INSET partners to collaborate more successfully than they had during the Arar affair. The agencies also demonstrated that they were able to overcome the long-standing differences that had troubled them prior to 9/11.

Conversely, it is evident from the Arar affair that any government attempting to closely integrate its security agencies must ensure that all of the partners involved have clearly demarcated roles, understand and respect each other's responsibilities, and have appropriate accountability structures in place to deter the improper sharing of information. Furthermore, it is imperative that personnel assigned to integrated security units receive proper training and understand how to effectively communicate with officials from other agencies. This will help them to avoid duplication of efforts and ensure that any information shared includes stipulations regarding the user's intentions and the information's degree of accuracy. Such measures will help any country that is considering the integrated security model to avoid problems such as those that occurred in the Arar case.

Outside of specific cases however, obstacles remain with regard to security integration in Canada. Of particular concern are the very different natures of intelligence and law enforcement. In essence, the imperative of the CSIS is long-term intelligence gathering, so that policy makers may understand and address future threats to national security. Yet the RCMP is driven by the need to prevent crimes in the short term.59 While these responsibilities are not necessarily mutually exclusive, the divergence in organizational cultures creates a barrier for the close collaboration of intelligence agencies and police services. It is worth noting that the CSIS and the RCMP have experienced some tensions in recent years, especially with regard to resource allocation, how information is shared between partners, and how new mandates under C-51 might affect each agency's existing relationships with other security agencies.60 Due to their tumultuous history, there are avenues available for these particular agencies to overcome their cultural differences. States that are looking at implementing an integrated security model, however, must be aware of similar issues as they rethink their own national security policies.

Further consideration must also be given to the issue of oversight for integrated security services. Traditionally, security services have their own accountability mechanisms, but the integrated security model likely requires an integrated oversight mechanism as well. When they do implement this kind of accountability structure, agencies are actually more prone to sharing information because they feel less concern about how the information will be used by the partner agency.61 An enhanced accountability mechanism also helps to alleviate public concerns about the possible infringement of civil rights.62 Notably, the Government of Canada has recently announced that it will review national security oversight in an attempt to address the lack of an integrated accountability mechanism for INSET partners. In the same way, other countries that plan to shift from traditional security approaches to the INSET model should review their oversight mechanisms to ensure effective collaboration and successful operations between security partners.

The auditor general of Canada has found further problems with the INSET partners' ability to work together due to technology constraints and personnel decisions. Specifically, INSET partners have had to work together without adequate computer systems in place to share database information, despite the fact that one of the central goals of the INSETs is better data-sharing.63 Another concern is whether the agencies have sufficient resources and subject matter experts in place to fully address threats to national security, conduct investigations, and collaborate with partner agencies.64 While it would seem that government and top security officials have attempted to address some of these issues in recent years, especially with regards to computer systems and personnel distribution, it is important that sufficient resources are allocated to give INSETs the best opportunity to achieve their central objectives.65

Conclusion

While Canada's INSETs undoubtedly have room for improvement, experience so far suggests that the model can be applied across various jurisdictions if the appropriate measures are established for security services to work together effectively to combat terrorism. In the Canadian context, it will be important to study how Bill C-51 affects the integrated security approach moving forward and to determine how enhanced security services collaborate under an altered accountability structure to safeguard national security. Based on the assessment presented here, countries considering the integrated security model may better understand whether INSETs can be successfully established within their own security communities. ²

About the Author(s):

Michael Tierney is an anti–money laundering and anti–terrorist financing investigator in Canada.

Copyright 2016, Michael Tierney. The US federal government is granted for itself and others acting on its behalf in perpetuity a paid-up, nonexclusive, irrevocable worldwide license in this work to reproduce, prepare derivative works, distribute copies to the public, and perform publicly and display publicly, by or on behalf of the US federal government. All other rights are reserved by the copyright owner(s). Foreign copyrights may apply.

Commission of Inquiry into the Actions of Canadian Officials in Relation to Maher Arar, Report of the Events Relating to Maher Arar: Factual Background, Volume 1 (Ottawa: Minister of Public Works and Government Services, 2006):http://www.sirc-csars.gc.ca/pdfs/cm_arar_bgv1-eng.pdf